Mozilla Firefox users need to update the browser immediately: CERT-in alerts | HT Tech

Mozilla Firefox users need to update the browser immediately: CERT-in alerts

Indian Computer Emergency Response Team (CERT-In) has issued an advisory alerting users about the vulnerabilities in the Mozilla Firefox internet browser

By: HT CORRESPONDENT
| Updated on: Apr 18 2020, 19:49 IST
Indian Computer Emergency Response Team (CERT-In) has issued an advisory alerting users about the vulnerabilities in the Mozilla Firefox internet browser
Indian Computer Emergency Response Team (CERT-In) has issued an advisory alerting users about the vulnerabilities in the Mozilla Firefox internet browser (REUTERS)

The Indian Computer Emergency Response Team (CERT-In) has issued an advisory alerting Mozilla Firefox users about multiple vulnerabilities in the internet browser and has asked that they update it immediately.

The CERT-In advisory states that these browser vulnerabilities can be exploited by remote attackers to obtain sensitive information via the browser and execute arbitrary code on the targeted system.

You may be interested in

MobilesTablets Laptops
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
Vivo X100 Pro 5G
  • Asteroid Black
  • 16 GB RAM
  • 512 GB Storage
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage

CERT-In has rated the severity as 'High' on all Mozilla Firefox browsers prior to version 75 and Mozilla Firefox ESR prior to version 68.7 which have been affected. The advisory thus recommends that everyone update their browser to the latest version immediately.

Also read
Looking for a smartphone? To check mobile finder click here.

"Out-of-Bounds Read Vulnerability in Mozilla Firefox ( CVE-2020-6821 ). This vulnerability exists in Mozilla Firefox due to a boundary condition when using WebGLcopyTexSubImage method. A remote attacker could exploit this vulnerability by specially crafted web pages.Successful exploitation of this vulnerability could allow a remote attacker to disclose sensitive information," the advisory said.

According to reports, another vulnerability exists in Mozilla Firefox due to a boundary condition in GMP Decode Data while processing images larger than 4GB on 32-bit builds. A remote attacker can exploit this vulnerability by specially crafted images and trick the victim into opening it. If this vulnerability is successfully exploited that could allow an attacker to "execute arbitrary code on the target system".

A remote attacker can also exploit another vulnerability by "persuading a victim to install a crafted extension. Successful exploitation of this vulnerability could allow a remote attacker to disclose sensitive information".

"Information Disclosure Vulnerability in Mozilla Firefox ( CVE-2020-6824). This vulnerability exists in Mozilla Firefox to generate a password for a site but leaves Firefox open.A remote attacker could exploit this vulnerability by revisiting the same site of the victim and generating a new password. The generated password will remain the same on the targeted system," the advisory added.

Other vulnerabilities include 'Buffer Overflow Vulnerability in Mozilla Firefox (CVE-2020-6825)' and 'Memory Corruption Vulnerability in Mozilla Firefox (CVE-2020-6826)'.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 18 Apr, 19:46 IST
NEXT ARTICLE BEGINS